70 matches found
TencentOS Server 4: libdwarf (TSSA-2024:0174)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0174 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: libdwarf (TSSA-2024:0169)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0169 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2022-32200
libdwarf 0.4.0 has a heap-based buffer over-read in dwarfcheckstringvalid in dwarfutil.c...
Azure Linux 3.0 Security Update: libdwarf (CVE-2024-2002)
The version of libdwarf installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2002 advisory. - A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf May try t...
Amazon Linux 2 : libdwarf (ALAS-2024-2688)
The version of libdwarf installed on the remote host is prior to 20130207-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2688 advisory. A flaw was found in libdwarf. A possible memory leak allows an attacker to input a specially crafted file, leading to a crash...
AZL-33328 CVE-2020-28163 affecting package libdwarf for versions less than 0.9.0
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
Out-of-bounds
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
CVE-2020-28163
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname...
Medium: libdwarf
Issue Overview: A double-free vulnerability was found in libdwarf's dwarfexpandframeinstructions function of the dwarfframe.c file. A carefully crafted object file could cause the 'dwarfdump' utility to do a double free in handling an error condition. This issue could cause a segmentation violati...
SUSE CVE-2016-5027
dwarfform.c in libdwarf 20160115 allows remote attackers to cause a denial of service crash via a crafted elf file...
SUSE CVE-2016-5035
The dwarfreadlinetableheader function in dwarflinetablereader.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted file...
SUSE CVE-2016-5038
The dwarfgetmacrostartendfile function in dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted string offset for .debugstr...
SUSE CVE-2017-9054
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In dwarfdecodesleb128chk a byte pointer was dereferenced just before it was checked for being in bounds, leading to a heap-based buffer over-read...
CVE-2022-39170
libdwarf 0.4.1 has a double free in dwarfexecframeinstr in dwarfframe.c...
libdwarf 资源管理错误漏洞
libdwarf is a library and command line tool for reading and writing the DWARF2 standardized debug data format. A security vulnerability exists in versions of libdwarf prior to 0.4.1 that stems from a double release of dwarfexecframeinstr in its dwarfframe.c component...
PT-2022-24790 · Libdwarf · Libdwarf
Name of the Vulnerable Software and Affected Versions: libdwarf version 0.4.1 Description: The issue is related to a double free in the dwarf exec frame instr function located in dwarf frame.c. Recommendations: For libdwarf version 0.4.1, at the moment, there is no information about a newer versi...
CVE-2022-32200
libdwarf 0.4.0 has a heap-based buffer over-read in dwarfcheckstringvalid in dwarfutil.c...
PT-2022-21148 · Libdwarf +3 · Libdwarf +3
Name of the Vulnerable Software and Affected Versions: libdwarf version 0.4.0 Description: The issue is a heap-based buffer over-read in the dwarf check string valid function located in dwarf util.c. Recommendations: For libdwarf version 0.4.0, at the moment, there is no information about a newer...
ALPINE-CVE-2019-14249
dwarfelfloadheaders.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service division by zero via an ELF file with a zero-size section group SHTGROUP, as demonstrated by dwarfdump...